summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Langasek <vorlon@debian.org>2013-02-11 19:11:28 -0800
committerSteve Langasek <vorlon@debian.org>2019-01-08 22:11:49 -0800
commita97979c943a1bbee4f92a9537edb68634fd92c01 (patch)
tree28e91a7789769157cad8e8960710b9c90dc336f0
parent1f362f8fbacbe742c940187199bff4b5b28c9561 (diff)
Adjust the pam_env documentation to match the module behavior resulting
from the previous security upload. Closes: #693995.
-rw-r--r--debian/changelog2
-rw-r--r--debian/patches-applied/PAM-manpage-section15
-rw-r--r--debian/patches-applied/cve-2011-4708.patch19
-rw-r--r--debian/patches-applied/series2
4 files changed, 31 insertions, 7 deletions
diff --git a/debian/changelog b/debian/changelog
index 1e124627..87ce4a37 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,8 @@
pam (1.1.3-8) UNRELEASED; urgency=low
* Confirm NMU for bug #611136; thanks to Michael Gilbert.
+ * Adjust the pam_env documentation to match the module behavior resulting
+ from the previous security upload. Closes: #693995.
-- Steve Langasek <vorlon@debian.org> Mon, 11 Feb 2013 19:00:19 -0800
diff --git a/debian/patches-applied/PAM-manpage-section b/debian/patches-applied/PAM-manpage-section
index 202d4d3b..e4864ec8 100644
--- a/debian/patches-applied/PAM-manpage-section
+++ b/debian/patches-applied/PAM-manpage-section
@@ -3148,14 +3148,14 @@ Index: pam.deb/modules/pam_env/pam_env.8
.\" Author: [see the "AUTHOR" section]
-.\" Generator: DocBook XSL Stylesheets v1.74.0 <http://docbook.sf.net/>
-.\" Date: 10/27/2010
-+.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
-+.\" Date: 06/04/2011
++.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
++.\" Date: 02/11/2013
.\" Manual: Linux-PAM Manual
.\" Source: Linux-PAM Manual
.\" Language: English
.\"
-.TH "PAM_ENV" "8" "10/27/2010" "Linux-PAM Manual" "Linux-PAM Manual"
-+.TH "PAM_ENV" "8" "06/04/2011" "Linux-PAM Manual" "Linux-PAM Manual"
++.TH "PAM_ENV" "8" "02/11/2013" "Linux-PAM Manual" "Linux-PAM Manual"
.\" -----------------------------------------------------------------
-.\" * (re)Define some macros
+.\" * Define some portability stuff
@@ -3362,7 +3362,7 @@ Index: pam.deb/modules/pam_env/pam_env.8
file to override the default\&. This can be useful when different services need different environments\&.
.RE
.PP
-@@ -223,7 +82,7 @@
+@@ -223,13 +82,13 @@
\fBuser_envfile=\fR\fB\fIfilename\fR\fR
.RS 4
Indicate an alternative
@@ -3371,6 +3371,13 @@ Index: pam.deb/modules/pam_env/pam_env.8
file to override the default\&. This can be useful when different services need different environments\&. The filename is relative to the user home directory\&.
.RE
.PP
+ \fBuser_readenv=\fR\fB\fI0|1\fR\fR
+ .RS 4
+-Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is on\&.
++Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is off\&.
+ .RE
+ .SH "MODULE TYPES PROVIDED"
+ .PP
@@ -261,17 +120,17 @@
.RE
.SH "FILES"
diff --git a/debian/patches-applied/cve-2011-4708.patch b/debian/patches-applied/cve-2011-4708.patch
index b0413ff9..eb67e789 100644
--- a/debian/patches-applied/cve-2011-4708.patch
+++ b/debian/patches-applied/cve-2011-4708.patch
@@ -1,6 +1,8 @@
Description: fix cve-2011-4708: .pam_environment privilege issue
---- pam-1.1.3.orig/modules/pam_env/pam_env.c
-+++ pam-1.1.3/modules/pam_env/pam_env.c
+Index: pam.debian/modules/pam_env/pam_env.c
+===================================================================
+--- pam.debian.orig/modules/pam_env/pam_env.c
++++ pam.debian/modules/pam_env/pam_env.c
@@ -10,7 +10,7 @@
#define DEFAULT_READ_ENVFILE 1
@@ -10,3 +12,16 @@ Description: fix cve-2011-4708: .pam_environment privilege issue
#include "config.h"
+Index: pam.debian/modules/pam_env/pam_env.8.xml
+===================================================================
+--- pam.debian.orig/modules/pam_env/pam_env.8.xml
++++ pam.debian/modules/pam_env/pam_env.8.xml
+@@ -147,7 +147,7 @@
+ <listitem>
+ <para>
+ Turns on or off the reading of the user specific environment
+- file. 0 is off, 1 is on. By default this option is on.
++ file. 0 is off, 1 is on. By default this option is off.
+ </para>
+ </listitem>
+ </varlistentry>
diff --git a/debian/patches-applied/series b/debian/patches-applied/series
index 46b106af..c972b268 100644
--- a/debian/patches-applied/series
+++ b/debian/patches-applied/series
@@ -15,6 +15,7 @@ hurd_no_setfsuid
045_pam_dispatch_jump_is_ignore
054_pam_security_abstract_securetty_handling
055_pam_unix_nullok_secure
+cve-2011-4708.patch
PAM-manpage-section
autoconf.patch
update-motd
@@ -24,4 +25,3 @@ no_PATH_MAX_on_hurd
lib_security_multiarch_compat
pam_env-fix-overflow.patch
pam_env-fix-dos.patch
-cve-2011-4708.patch